From f40d1eff28ca58553aa28f4b2a49ddf28f82a504 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 11 Jul 2025 22:34:24 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-10364902
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index de77a3863d..cb63c406ea 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -49,7 +49,7 @@ monotonic==1.5
 nestedcontext==0.0.4
 oauth2client==4.1.3
 orderedmultidict==1.0.1
-protobuf==3.9.1
+protobuf==4.25.8
 puremagic==1.4
 pyasn1==0.4.7
 pyasn1-modules==0.2.6
@@ -67,6 +67,6 @@ six==1.12.0
 swagger-spec-validator==2.4.3
 termcolor==1.1.0
 uritemplate==3.0.0
-urllib3==1.25.5
+urllib3==2.5.0
 Werkzeug==0.16.0
 wrapt==1.11.2